Skip to content
Home » Spring boot Actuator expose all endpoints

Spring boot Actuator expose all endpoints

  • by
Spring boot Actuator expose all endpoints

1. Overview

In this article, we will learn to expose all the actuator endpoints in the Spring boot application. You can either expose the endpoint over JMX or HTTP technologies.

2. Spring boot Actuator

Spring Boot includes the Actuator feature to help you monitor and manage your application when you push it to production. It allows you to audit, check the health, and gather metrics of your application. You can choose to manage and monitor your application by using HTTP endpoints or with JMX.

Now let’s discuss exposing the endpoints over these technologies HTTP or JMX.

3. Expose Actuator endpoints

You should carefully consider which endpoints to expose as endpoints may contain sensitive information. You can also refer to this table to understand the APIs exposed by default over JMX or HTTP.

The application would expose all endpoints over JMX. However, for security reasons, it disables all actuators other than /health over HTTP by default.

3.1. Expose all endpoints over HTTP

For example, when you run the application after adding the spring actuator dependency, you would notice the log line Exposing 1 endpoint(s) beneath base path ‘/actuator’. As mentioned earlier, Actuator exposes the health endpoint by default with no additional configuration.

2022-03-23 11:01:00.111  INFO 13648 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2022-03-23 11:01:00.111  INFO 13648 --- [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 3965 ms
2022-03-23 11:01:01.124  INFO 13648 --- [           main] o.s.b.a.e.web.EndpointLinksResolver      : Exposing 1 endpoint(s) beneath base path '/actuator'
2022-03-23 11:01:01.209  INFO 13648 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
2022-03-23 11:01:01.263  INFO 13648 --- [           main] c.tedblob.Actuator.ActuatorApplication   : Started ActuatorApplication in 6.091 seconds (JVM running for 7.169)

If you hit the URL http://localhost:8080/actuator/health, you would see the application health information.

{"status":"UP"}

To change the endpoints being exposed, use the following technology-specific include and exclude properties:

Before setting the management.endpoints.web.exposure.include, ensure that the exposed actuators do not contain sensitive information and secured by placing them behind a firewall or Spring Security.

management.endpoints.web.exposure.exclude
management.endpoints.web.exposure.include

The include property lists the IDs of the endpoints that are exposed whereas you can use the exclude property to list the IDs of the endpoints which you don’t want to expose.

To expose all endpoints, you must specify * as include property value.

The exclude property takes precedence over the include property. You can configure both the include and the exclude properties with a list of endpoint IDs.

3.1.1. Exclude the endpoints

You can use exclude property to list the IDs of the endpoints which you don’t want to expose.

For example, the following code excludes the health endpoint from being exposed.

management.endpoints.web.exposure.exclude=health

Since we excluded the health endpoint also, you would see the following log statement while starting the application:

2022-03-23 11:58:25.469  INFO 11556 --- [           main] o.s.b.a.e.web.EndpointLinksResolver      : Exposing 0 endpoint(s) beneath base path '/actuator'

If you hit the URL http://localhost:8080/actuator/health, it would return 404 NOT FOUND error.

3.1.2. Expose the endpoints

The include property lists the IDs of the endpoints that are exposed.

For example, the following include property specifies * to expose all the endpoints.

management.endpoints.web.exposure.include=*

2022-03-23 12:03:47.530  INFO 18900 --- [           main] o.s.b.a.e.web.EndpointLinksResolver      : Exposing 13 endpoint(s) beneath base path '/actuator'

You can also mention the specific endpoint explicitly. 

management.endpoints.web.exposure.include=env

3.2. Expose endpoints over JMX in Spring boot

Similarly, you can use the following include and exclude properties to expose the endpoints over JMX.

management.endpoints.jmx.exposure.include=health,info
management.endpoints.jmx.exposure.exclude=env

4. Conclusion

To sum up, we have learned to expose the Actuator endpoints over HTTP or JMX technologies in a Spring boot application.

1 thought on “Spring boot Actuator expose all endpoints”

  1. Pingback: How to enable actuator in spring boot - TedBlob

Comments are closed.